Webhooks - Dox - DummyApp

Webhook Requests

Endpoint: POST /api/dox/webhook (verified by signing secret)

To send a webhook, sign the request body with HMAC-SHA256 using the app's signing secret and include it as the X-Webhook-Signature header.

Signing secret: b09f045fe55624a701d2da9e007bca4748d12c8a65b9e3ce772679408219ccf7

ID	Method	Received At	Remote Addr	Body Preview
1	POST	Apr 23 23:05:33	172.18.0.3:52286	{"data":{"app_id":"f068a624-e2bd-4731-aa95-9c000d2938b0","authentication_id":"4b59b557-b940-4073-987e-40cb56a00fb5","end_user_id":"acba4a49-00e8-4aba-8310-a434eeb56708"},"event":"app.user_connected","timestamp":"2026-04-23T23:05:33Z"}
Headers Accept-Encoding: gzip Content-Length: 234 Content-Type: application/json User-Agent: Go-http-client/1.1 X-Nativesuite-Event: app.user_connected X-Nativesuite-Signature: sha256=dab7198cd15e33550f0d11b56e63b4ba2dc046ecbbd3dcee291b884bc8c97b7c X-Nativesuite-Timestamp: 1776985533 Body {"data":{"app_id":"f068a624-e2bd-4731-aa95-9c000d2938b0","authentication_id":"4b59b557-b940-4073-987e-40cb56a00fb5","end_user_id":"acba4a49-00e8-4aba-8310-a434eeb56708"},"event":"app.user_connected","timestamp":"2026-04-23T23:05:33Z"}

Method

Received At

Remote Addr

Body Preview

POST

Apr 23 23:05:33

172.18.0.3:52286

{"data":{"app_id":"f068a624-e2bd-4731-aa95-9c000d2938b0","authentication_id":"4b59b557-b940-4073-987e-40cb56a00fb5","end_user_id":"acba4a49-00e8-4aba-8310-a434eeb56708"},"event":"app.user_connected","timestamp":"2026-04-23T23:05:33Z"}